{"vulnerability": "cve-2024-4544", "sightings": [{"uuid": "37061d5d-770e-4b41-ba2e-d65853fcc6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aDrupal CVE-2024-45440\nURL\uff1ahttps://github.com/w0r1i0g1ht/CVE-2024-45440\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-26T13:38:01.000000Z"}, {"uuid": "c8bc77f7-1035-4475-9e91-7b579a78a54d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnbkcd2n7n2t", "content": "", "creation_timestamp": "2025-04-20T21:02:10.453005Z"}, {"uuid": "c196027a-7347-4c98-8f5c-ea6ad77712ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/cvedetector/4385", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45440 - Drupal Full Path Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-45440 \nPublished : Aug. 29, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T13:42:46.000000Z"}, {"uuid": "eea31fd2-7ce9-4ba1-9b31-7f0fe3d16093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "Telegram/6_cMvs3tMeehe309mG6N2g9y4QBq1tvc42OJE7OT1rRPF2s", "content": "", "creation_timestamp": "2025-05-06T00:40:05.000000Z"}, {"uuid": "427fd3be-b78e-4988-ad46-2353e7c19f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "Telegram/c_gy3Lo3G6i52K-4h-VP8B_Tes7YMoJfZHtD-dMJDNTMxQps", "content": "", "creation_timestamp": "2025-05-06T00:39:05.000000Z"}, {"uuid": "7af8839b-acd2-4c9a-80ec-c1a33ab7a7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/4505", "content": "This exploit targets Drupal 11.x-dev, disclosing full file paths via CVE-2024-45440. Affects systems with improperly configured `hash_salt`. Risks include unauthorized access and data leakage. Potentially impacts thousands of vulnerable Drupal sites.\n\nJoin: https://t.me/+qeejqIiGum9jOTI9\nContact: @a1887bot", "creation_timestamp": "2025-05-04T07:31:25.000000Z"}, {"uuid": "8a0a0da7-3f5e-48cb-b71b-77710c8e049b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1584", "content": "", "creation_timestamp": "2024-09-01T19:32:51.000000Z"}, {"uuid": "db4ed223-7b59-423a-afe9-5e02d181bdcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45445", "type": "seen", "source": "https://t.me/cvedetector/4749", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45445 - Apache Keystore Leaks Memory\", \n  \"Content\": \"CVE ID : CVE-2024-45445 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Vulnerability of resources not being closed or released in the keystore module  \nImpact: Successful exploitation of this vulnerability will affect availability. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:57.000000Z"}, {"uuid": "ba7e828d-3796-4d5a-88f7-42eb14522f75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45443", "type": "seen", "source": "https://t.me/cvedetector/4748", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45443 - Apache Cust Directory Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-45443 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Directory traversal vulnerability in the cust module  \nImpact: Successful exploitation of this vulnerability will affect availability and confidentiality. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:56.000000Z"}, {"uuid": "81c368c1-e27a-44f2-b8fe-2b105a46ce80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45441", "type": "seen", "source": "https://t.me/cvedetector/4738", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45441 - Windows System Service Module Input Verification Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-45441 \nPublished : Sept. 4, 2024, 2:15 a.m. | 44\u00a0minutes ago \nDescription : Input verification vulnerability in the system service module  \nImpact: Successful exploitation of this vulnerability will affect availability. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T05:11:42.000000Z"}, {"uuid": "79e79ac1-ca14-4236-8455-6c7c402c9c91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45444", "type": "seen", "source": "https://t.me/cvedetector/4746", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45444 - Axxeom WMS Access Permission Verification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45444 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Access permission verification vulnerability in the WMS module  \nImpact: Successful exploitation of this vulnerability may affect service confidentiality. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:54.000000Z"}, {"uuid": "6c62e0e3-3cdf-4342-ab60-d057bf63d653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45446", "type": "seen", "source": "https://t.me/cvedetector/4745", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45446 - Sony Camera Driver Unauthenticated Access Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45446 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Access permission verification vulnerability in the camera driver module  \nImpact: Successful exploitation of this vulnerability will affect availability. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:53.000000Z"}, {"uuid": "f72cd8a7-120e-4ea0-ba9d-47a7034426bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45447", "type": "seen", "source": "https://t.me/cvedetector/4744", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45447 - FosCAM uninitialized buffer, HKD\", \n  \"Content\": \"CVE ID : CVE-2024-45447 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Access control vulnerability in the camera framework module  \nImpact: Successful exploitation of this vulnerability may affect service confidentiality. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:49.000000Z"}, {"uuid": "829fff5d-a9eb-4883-868c-4a00803fdd29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45448", "type": "seen", "source": "https://t.me/cvedetector/4743", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45448 - Firmware Security - Page Table Protection Configuration Exposure in Trusted Firmware\", \n  \"Content\": \"CVE ID : CVE-2024-45448 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Page table protection configuration vulnerability in the trusted firmware module  \nImpact: Successful exploitation of this vulnerability may affect service confidentiality. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:49.000000Z"}, {"uuid": "a75ac603-59f9-49fd-9f21-fe75b20b557e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45449", "type": "seen", "source": "https://t.me/cvedetector/4741", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45449 - \"Ringtone Setting Module Access Permission Verification Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-45449 \nPublished : Sept. 4, 2024, 3:15 a.m. | 36\u00a0minutes ago \nDescription : Access permission verification vulnerability in the ringtone setting module  \nImpact: Successful exploitation of this vulnerability may affect service confidentiality. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T06:01:47.000000Z"}, {"uuid": "9dd37799-01f0-4db8-ab57-cd696cbe9584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45442", "type": "seen", "source": "https://t.me/cvedetector/4737", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45442 - Oracle Solaris DownloadProviderMain Unauthorized API Access Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-45442 \nPublished : Sept. 4, 2024, 2:15 a.m. | 44\u00a0minutes ago \nDescription : Vulnerability of permission verification for APIs in the DownloadProviderMain module  \nImpact: Successful exploitation of this vulnerability will affect availability. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T05:11:41.000000Z"}, {"uuid": "ba7716ec-8778-4e64-9a7c-bd6d26f58013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11617", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2024-12-28T11:38:47.000000Z"}, {"uuid": "dbefc578-0c45-4e18-9958-892c3e3eaeec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/suboxone_chatroom/1592", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2025-01-27T07:08:02.000000Z"}, {"uuid": "fec9c07a-2dfa-4478-a9eb-55a010530fb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/271", "content": "https://github.com/w0r1i0g1ht/CVE-2024-45440\n\nCVE-2024-45440\n#github #poc", "creation_timestamp": "2024-12-27T18:55:07.000000Z"}]}